CVE-2024-12029 – InvokeAI Deserialization of Untrusted Data vulnerability

2025-07-17 21:07

CVE-2024-12029: A critical deserialization vulnerability in InvokeAI’s /api/v2/models/install endpoint allows remote code execution via malicious model files. Exploit risk for AI art servers.

The post CVE-2024-12029 – InvokeAI Deserialization of Untrusted Data vulnerability appeared first on OffSec.

This article has been indexed from OffSec

Read the original article:

CVE-2024-12029 – InvokeAI Deserialization of Untrusted Data vulnerability

← Massive Data Leak at Texas Adoption Agency Exposes 1.1 Million Records

Ukraine Hackers Claimed Cyberattack on Major Russian Drone Supplier →


10.4K	8K	100+	500+

Read the original article:

Related

Post navigation